package com.zhiyou.shiro;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class ShiroRealm extends AuthorizingRealm {

    //认证  登录的时候会调用此方法

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("==========认证授权=======");
        //自己写代码实现认证操作
        //获取用户名
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        System.out.println("username=="+username);
        //根据用户名查询数据库 获取密码
        String password = "123456";

        //把用户名密码封装到 AuthenticationInfo中 返回此对象
        //参数1 用户名 参数2密码  参数3 当前realm的名字 直接调用 getName即可
//        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,password,getName());
        //使用盐值加密
        ByteSource salt = ByteSource.Util.bytes(username);
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,password,salt,getName());
        //剩下的操作交给 shiro
        return info;
    }
    //授权 获取权限的时候会调用此方法
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("=======授权法被调用=====");
        return null;
    }


}
